<?php

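/**
 * Handles login, logout and avatar upload for the current user.
 *
 * Session keys written here: "loginUser" (the tb_user row), "permisions"
 * (the permission rows for that user) and "errorMsg" (1 = unknown user name,
 * 2 = wrong password).
 */
class UserController{

    /**
     * Image types accepted as avatars, mapped to the extension used on disk.
     * The stored extension always comes from this table, never from the
     * client-supplied file name.
     */
    private static $avatarExtensions = array(
        IMAGETYPE_JPEG => ".jpg",
        IMAGETYPE_PNG  => ".png",
        IMAGETYPE_GIF  => ".gif",
    );

    /**
     * User login.
     *
     * Looks the user up by name, compares the submitted password with the
     * stored one and, on success, loads the user's permission menu into the
     * session before redirecting to the welcome page.
     */
    public function login(){
        // NOTE(review): credentials are still accepted from the query string
        // because existing callers may rely on it. GET parameters end up in
        // access logs, browser history and Referer headers; move the login
        // form to POST and drop this branch once callers are confirmed.
        $params = $_SERVER["REQUEST_METHOD"] == "GET" ? $_GET : $_POST;
        // Only plain strings are accepted; arrays (userName[]=x) or missing
        // fields are treated as an empty name / an invalid password.
        $userName = (isset($params["userName"]) && is_string($params["userName"])) ? $params["userName"] : "";
        $userPass = (isset($params["userPass"]) && is_string($params["userPass"])) ? $params["userPass"] : null;

        $dbutil = new DBUtil();
        $data = $dbutil->query("select * from tb_user where userName=?", array($userName));
        $this->startSession();
        if(count($data) == 0){
            // User name does not exist.
            // NOTE(review): distinct codes for "unknown user" and "wrong
            // password" let a client enumerate valid user names; consider a
            // single generic code once the login view is updated.
            $_SESSION["errorMsg"] = 1;
            header("location:view/login.php");
            return;
        }

        $user = $data[0];
        // Strict, constant-time comparison. The previous loose "==" treated
        // numeric-looking strings as numbers (e.g. "1e3" == "1000").
        // NOTE(review): passwords are compared against the stored column as
        // is, i.e. they are kept in plaintext. Migrate the column to
        // password_hash() / password_verify().
        $passwordOk = $userPass !== null && hash_equals((string)$user["userPass"], $userPass);
        if(!$passwordOk){
            // Wrong password.
            $_SESSION["errorMsg"] = 2;
            header("location:view/login.php");
            return;
        }

        // Issue a fresh session id on privilege change so that an id fixed
        // before login cannot be reused afterwards.
        session_regenerate_id(true);
        // NOTE(review): the whole row, including userPass, is kept in the
        // session because other views may read it — confirm and trim.
        $_SESSION["loginUser"] = $user;
        // Use the logged-in user's id to load the permission menu entries.
        $sql = "select p.* from tb_userrole ur, tb_rolepermision rp, tb_permision p where ur.rid=rp.rid and rp.pid=p.pid and ur.uid=?";
        $permisions = $dbutil->query($sql, array($user["uid"]));
        $_SESSION["permisions"] = $permisions;
        header("location:view/welcome.php");
    }

    /**
     * Log out: clear the session data, expire the session cookie, destroy
     * the session and redirect to the login page.
     */
    public function logout(){
        $this->startSession();
        // session_destroy() alone leaves $_SESSION populated for the rest of
        // the request and leaves the cookie in the browser.
        $_SESSION = array();
        if(ini_get("session.use_cookies")){
            $cookie = session_get_cookie_params();
            setcookie(session_name(), "", time() - 42000,
                $cookie["path"], $cookie["domain"], $cookie["secure"], $cookie["httponly"]);
        }
        session_destroy();
        header("location:view/login.php");
    }

    /**
     * Set the avatar of the logged-in user.
     *
     * The upload is accepted only for an authenticated session and only when
     * the file content is a JPEG, PNG or GIF image. The file is stored under
     * a random name, the previous avatar (unless it is the default one) is
     * removed, and tb_user.headPicture plus the session copy are updated.
     * Rejected or failed uploads leave the avatar unchanged and just refresh
     * the welcome page.
     */
    public function setHead(){
        $this->startSession();
        // Authenticate before touching the uploaded file: previously the file
        // was moved into the web root before the session was even opened.
        if(!isset($_SESSION["loginUser"]["uid"])){
            header("location:view/login.php");
            return;
        }

        // Refresh the welcome.php page (runs inside a frame, hence "top").
        $refresh = "<script type='text/javascript'>top.location.href = 'view/welcome.php';</script>";

        $file = isset($_FILES["headPicture"]) ? $_FILES["headPicture"] : null;
        if(!is_array($file)
            || !isset($file["error"], $file["tmp_name"])
            || $file["error"] !== UPLOAD_ERR_OK
            || !is_string($file["tmp_name"])
            || !is_uploaded_file($file["tmp_name"])){
            echo $refresh;
            return;
        }

        // Decide the extension from the file content. The client file name is
        // ignored: taking everything after its first "." allowed names such as
        // "x.php" to be stored, and served, with a script extension.
        $info = getimagesize($file["tmp_name"]);
        $type = is_array($info) ? $info[2] : null;
        if($type === null || !isset(self::$avatarExtensions[$type])){
            echo $refresh;
            return;
        }
        // getimagesize() only inspects the header, so the upload directory
        // should additionally be configured to never execute scripts.
        $extName = self::$avatarExtensions[$type];

        // Generate an unpredictable file name (rand() + time() was guessable
        // and could collide).
        $generateName = bin2hex(random_bytes(16)).$extName;
        $uploadDir = $this->uploadDir();
        // Save the uploaded image; stop here if it could not be stored so the
        // old avatar and the database row stay consistent.
        if(!move_uploaded_file($file["tmp_name"], $uploadDir.$generateName)){
            echo $refresh;
            return;
        }

        // Delete the user's previous avatar file (the default avatar is
        // shared and must not be deleted).
        $current = isset($_SESSION["loginUser"]["headPicture"]) ? (string)$_SESSION["loginUser"]["headPicture"] : "";
        if($current !== "" && $current != "../upload/default.png"){
            // basename() keeps the deletion inside the upload directory even
            // if the stored value is not of the form "../upload/<name>".
            $oldName = basename($current);
            $oldHeadPicture = $uploadDir.$oldName;
            if($oldName !== "default.png" && is_file($oldHeadPicture)) unlink($oldHeadPicture);
        }

        // Update the headPicture column of the current user.
        $dbutil = new DBUtil();
        $sql = "update tb_user set headPicture=? where uid=?";
        $uid = $_SESSION["loginUser"]["uid"];
        $dbutil->execute($sql, array("../upload/$generateName", $uid));
        $_SESSION["loginUser"]["headPicture"] = "../upload/$generateName";
        echo $refresh;
    }

    /**
     * Open the session unless one is already active.
     */
    private function startSession(){
        if(session_status() !== PHP_SESSION_ACTIVE){
            session_start();
        }
    }

    /**
     * Absolute path of the upload directory, with a trailing slash.
     *
     * Built as DOCUMENT_ROOT + first path segment of REQUEST_URI + "/upload/".
     * NOTE(review): REQUEST_URI is client-supplied, so the target directory
     * depends on the request; prefer a fixed path (e.g. relative to __DIR__)
     * once the project layout is confirmed.
     */
    private function uploadDir(){
        return $_SERVER["DOCUMENT_ROOT"]."".explode("/", $_SERVER["REQUEST_URI"])[1]."/upload/";
    }

}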

?>